added more logic

auth/auth.go

@@ -52,12 +52,12 @@ func hashPassword(password string) (string, error) {
 	return string(bytes), err
 }
 
-func AuthorizedTo(requiredPermissions models.Permission) gin.HandlerFunc {
+func AuthorizedTo(requiredPermissions models.Permission, overwriters ...func(*gin.Context) bool) gin.HandlerFunc {
 	return func(ctx *gin.Context) {
-		fmt.Println("Auth logic starts")
 		authCookie, err := ctx.Request.Cookie("auth")
 		if err != nil {
 			ctx.AbortWithError(403, err)
+			return
 		}
 
 		token, err := jwt.ParseWithClaims(authCookie.Value, &AuthClaims{}, func(token *jwt.Token) (interface{}, error) {
@@ -71,12 +71,18 @@ func AuthorizedTo(requiredPermissions models.Permission) gin.HandlerFunc {
 		})
 		if err != nil {
 			ctx.AbortWithError(403, err)
+			return
 		}
-		fmt.Println(token.Claims)
 		if claims, ok := token.Claims.(*AuthClaims); ok && token.Valid {
 			ctx.Set("claims", claims)
 			if requiredPermissions&claims.Permissions != requiredPermissions && models.Admin&claims.Permissions != models.Admin {
+				for _, overwrite := range overwriters {
+					if overwrite(ctx) {
+						return
+					}
+				}
 				ctx.AbortWithStatus(403)
+				return
 			}
 		} else {
 			ctx.AbortWithStatus(500)
@@ -118,22 +124,18 @@ func (con Connection) signIn(c *gin.Context) {
 
 	if err != nil {
 		c.AbortWithError(500, err)
+		return
 	}
 	var userItem models.User
 	err = con.connection.Database("Backend").Collection("Users").FindOne(context.TODO(), bson.D{{Key: "Username", Value: request.Username}}).Decode(&userItem)
 	if err != nil {
 		c.AbortWithError(403, err)
+		return
 	}
 
-	err = bcrypt.CompareHashAndPassword([]byte(userItem.HashedPass), []byte(request.Password))
-	if err != nil {
-		println(err.Error())
-		pass, err := hashPassword(request.Password)
-		if err != nil {
-			c.AbortWithError(403, err)
-		}
-		fmt.Printf("UserPass: %s\nDatabaseHash: %s\nHash %s\n", request.Password, userItem.HashedPass, pass)
+	if bcrypt.CompareHashAndPassword([]byte(userItem.HashedPass), []byte(request.Password)) != nil {
 		c.AbortWithStatus(403)
+		return
 	}
 
 	token := TokenInfo{
@@ -144,6 +146,7 @@ func (con Connection) signIn(c *gin.Context) {
 	signedToken, err := signToken(token)
 	if err != nil {
 		c.AbortWithError(500, err)
+		return
 	}
 
 	c.SetCookie("auth", signedToken, -1, "", "", false, false)
@@ -155,6 +158,7 @@ func (con Connection) test(c *gin.Context) {
 	if !exists {
 		fmt.Println("No Claims")
 		c.AbortWithStatus(403)
+		return
 	}
 	c.IndentedJSON(http.StatusOK, claims)
 }
@@ -162,9 +166,7 @@ func (con Connection) test(c *gin.Context) {
 func LoadGroup(group *gin.RouterGroup, client *mongo.Client) {
 	connection := Connection{connection: client}
 	group.POST("/signin", connection.signIn)
-	group.Use(AuthorizedTo(models.Admin))
-	{
-		group.POST("/signup", connection.signUp)
-		group.GET("/test", connection.test)
-	}
+
+	group.POST("/signup", AuthorizedTo(models.Admin), connection.signUp)
+	group.GET("/test", AuthorizedTo(models.Admin), connection.test)
 }